sova | 3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054

Resubmissions

13-10-2022 15:48

221013-s89f5sbhen 10

06-10-2022 16:41

05-10-2022 13:53

31-08-2022 20:23

31-08-2022 20:11

31-08-2022 19:40

31-08-2022 17:36

31-08-2022 17:32

Analysis

max time kernel
3525631s
max time network
1712s
platform
android_x64
resource
android-x64-20220823-en
resource tags

androidarch:x64arch:x86image:android-x64-20220823-enlocale:en-usos:android-10-x64system
submitted
13-10-2022 15:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ndQOhY0ypd.apk
Size

5.2MB
MD5

ca559118f4605b0316a13b8cfa321f65
SHA1

5ef4d5784738d79f22f9bc5e8db7c94985bc1a3a
SHA256

3eb7efa71648ae819f1bff89399717805129487081e8261dd65bf596f2467054
SHA512

091f07d51e9d7c924666f28a30b03e5ff887e239ad2ed9a99cbd65e7b9350c6fc89cafdbbe05de27f8ea6dc90ff8484c1b692fc891b58fcc6104fa6878e8f3d7
SSDEEP

98304:+Ld3yR0X7GPzP21DeReIrJ0jJMooanGHNdyc7scnuB5k9MWdU:+LxyR0X7Qz/diMolGfyXcNMWdU

Score

10^/10

sova sova_v4 banker infostealer trojan

Malware Config

Signatures

SOVA_v4 payload 1 IoCs

resource	yara_rule
behavioral1/memory/4769-0.dex	family_sova_v4

Sova
Android banker first seen in July 2021.
banker trojan infostealer sova

Sova payload 1 IoCs

resource	yara_rule
behavioral1/memory/4769-0.dex	family_sova

Sova_v4
Android banker first seen in July 2021.
banker trojan infostealer sova_v4

Loads dropped Dex/Jar 1 IoCs

Runs executable file dropped to the device during analysis.

ioc	pid	Process
/data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/base.apk.hkyhafI1.g8k	4769	com.slhytrowb.wfxaicaiw

com.slhytrowb.wfxaicaiw
1⤵
- Loads dropped Dex/Jar
PID:4769

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies

Filesize
64KB

MD5
9b23e6a88d5a95f155f205cb04b93cd0

SHA1
b62dccbbef087a0731f226b96d15d35d8aa5e5fc

SHA256
f2f3c3c0c7f085399a6f9a464c1ac30a59ceeb5a4b7026286fa5609e6e8ef857

SHA512
bce5f25d98e2e8296c4101b62082dcb6a43902f3431ff6f725e41be6b9aece76e887ef94c4818baf4da845708fd76fd51c37fb6915710c870647593868f27482

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Cookies-journal

Filesize
1KB

MD5
e3893040347baa60029a07d322aae7d3

SHA1
6caec9f844c3c343128d0e988752f069dcd95502

SHA256
54f2039d3dd81c535e63ffa00d9612480e9082ae0ff66f276490f3a5b1202d00

SHA512
6ba525f9aaf27813d65b7b7b6cc956ea958a54cdd55739abc7690d3574aafb22f70e437d0e48829f6b57cc8800efbc349f100c273a93cdbdfd3277fa499d7918

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/GPUCache/index-dir/temp-index

Filesize
96B

MD5
6d2274734fb97c4fab9ca368458a88df

SHA1
5307fa7750816b80e61abcb13181443f66695827

SHA256
345a2ce861c607e931ad6d3df10331dc5a7ede3465008f48256b8687b391f3c6

SHA512
8a1df70bd99a7e020f268fb031e5ce3007628f9564e670a14dd22307f418e2203478cdae8eae2917f9eca0ad9051230ecde29e6f909bc0b30fe81f4e6899fde7

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data

Filesize
112KB

MD5
b663831f8cc130493476d94f2d7a5330

SHA1
043a1956ab8e40821d67043f8a9110a8eb36fb93

SHA256
c109aa8bfc364d5fd0756f1c9d35ee3d6df31325061ac70d8469f28cfc882ab7

SHA512
e8ee923192cdf16318febdc23362f3eeaf5c914b923f80cd3a91a2e83e94bced54460d4ef1e54accc26a7d54b89e2e10c00097e60002cf6427298dc5f18fed16

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/Web Data-journal

Filesize
1KB

MD5
bf8ab3a3f89c4b6eb1e24e88bd6e7981

SHA1
f141aeebb3103447acb54a2cadf6a31eccf2186b

SHA256
33ea10aa918b0c162abba7325ed849bc98e3c8c733cdcef4b8af0540b2fbfcfb

SHA512
035e9fe2c8e76e36cb4e96efb67691b7864fbfc1d8015104de841cfa37250caebaeb372d377516f39b0d4cdb2dc7bee110d5aeada59d5c8c3f9da0ac0505cf0e

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/app_webview/metrics_guid

Filesize
36B

MD5
6f8e652bcfc68863385dbdc770cfcc0a

SHA1
c65d4c925da5c3abe8383067dfd4ac337e57ffc5

SHA256
2e1966f80568043aec7931a28b05fd07eecf7136b20b83c026553930306f1a71

SHA512
83e9b912695483521b87204f533db4b874053db57b4ba18f756045435c0a702c6600556e3553700310eedb04dd8a964c469f62a018e04ff9ae6b69a1c58a38cf

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/WebView/Crashpad/settings.dat

Filesize
40B

MD5
1c4098147a0e7fec697d81ed1c157895

SHA1
5d205466cdd4c26b585cdb3779a2f1122ce513cc

SHA256
eda924e03acbceacced38588746d017f48815f5b1fd80b239b6d32001ed11f9b

SHA512
192f7c20950f7be46b6ec9fd1e304816a1b6393d119a8812ea07d53a062ba8371c9e8f4a1d3ab7e594689876e0e26a154ca8836b06881a077562eb6ba05f30d6

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/1c8cab44519da61b_0

Filesize
340B

MD5
80820283ef777f8dc30a51c05ebe503c

SHA1
139d8c1ba3b34efab7ebc1cdc5044500abfc2290

SHA256
a584e17fdbabb02d34c0d83c23350bc9db9a9839badc5272bab1a2d9d151b132

SHA512
cded306868af1fcf836d30600c9b5585e1119a3181d2608467071e7ec867843bc3c64256e88461fd9b605e484e157c1828e03b9e0f6cb75a42a51283f33f13a4

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/Code Cache/js/index-dir/temp-index

Filesize
96B

MD5
2d01f5e25ba4578343a6db599b5d3f3b

SHA1
50945800b78d0bcb52ca4d980e7e838b67dab582

SHA256
87230a0fc528b4db0b1c60935655588c7deec6587615d1e0f96f78b008bba610

SHA512
636e6434c83a0e6062008de844e4cdae9e4e899b9a4e1ed0ee7006b6ed0da5c757dbe4cc9dcdd6fa1fb567e1f54625cde93167fe56baeb035f79e7f952ced14d

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/e4db911cfa09c606_0

Filesize
520B

MD5
5e825535913d4021e85192bb9560b825

SHA1
33aaa817de7358769185b139e54355d3585cfafc

SHA256
40dbda1f4318758873d4a80d21f9da4919ddb8cac53ddf2ee94480d0585789d6

SHA512
aefeb124c2f7679ccdf4fb4acdc12d3f1553692d56cba96828133ffe3c61e91027c7a755c670f8610a53970ebfc53f5ece5f2d7d65a4e01969544013d8b4baae

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/ee7454f6f7222f8a_0

Filesize
338B

MD5
ef11061a2bbde73ad896d5f4d6d3a4d5

SHA1
0f34c91b18d4cd058348e0769b7eba1cbc5f5973

SHA256
ae4acb30bf49099c24e888a7a6bb6164dcf8d7074ea2e23a4ce593f843622b63

SHA512
d20d08620c3e1aee5113c0ba57b8066fc0cf13dac68356d9a620c8349a401bdca1610a180c1a7f727ba695bb1e7c368cd15bce6282f5c313d1921c21effa3d79

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index

Filesize
48B

MD5
6d7d499960179766cd4261d12dacc411

SHA1
e6f8553b0015e12b23cc551afe98763f3b1c9bed

SHA256
c96ac03cfdbc6f4c1bdcdf764f1a6573f852e7aae5ef405969516b93ed271182

SHA512
6526c668477a01a850b8757b77dd3e7be27ad1991f5cf777685efcb03a21f31b71f6eae00f326931599baae4b16360e33e3d0f2894f1b2c1753391df02a14547

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
96B

MD5
fa9deb5b232eebd6f5672cc8d40a978a

SHA1
adb4a2d341ad9b2c1aa4779a71f430889240cf74

SHA256
31ab8093e6dd12e0760693a07e0fbf3dad624996fcc161339eec5f9aae86eed1

SHA512
eed7b84bfe878edecefa8402af2af9e0b761e0cabfffc5152fab0639a6d05ba5df37e5806ffcca975426cc2a88665e5f40f9d988325a4bf9f8f99870554ddbb4

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/cache/org.chromium.android_webview/index-dir/temp-index

Filesize
96B

MD5
5cb05092943e8b4f17455a33452cf5a9

SHA1
32b23a83f366c0166f044a9e9ccdfb1f3852f7c9

SHA256
58b9c7069c4824f3c6e896181a58779145107b3307fa5bac8a892b6d02d07300

SHA512
ef65b8a8def6683e0415d9a3806e3b3b5b642fbc0df39d6b9ce05fdf2b1ba224eac0ebddde534d1a1cd6feea74bf79b2d5252da2f92bf78e8386bde7a86ff987

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/ihoftigt8f/ffkyffUhHfh8I89/base.apk.hkyhafI1.g8k

Filesize
1.7MB

MD5
2426b919cdc0753cfda937d3a87d6226

SHA1
f258933ea1ecdb552475032b89fc2b3c83e0e6f0

SHA256
e7c8f9bacba13bdadf4c74cf356dc7734b0a269bf1bf02695fbba37f87eaeb98

SHA512
2cbb1dbee4a7d8bba818b416b7015ba5128cf77b9ba53906fd6efc2940ee71341e62292a79e43eaaf061a6cd4c21a96893354ab4b8b54e35708b768de5fbf21e

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/WebViewChromiumPrefs.xml

Filesize
127B

MD5
6ef709b8536878951e87c29a1518fc2b

SHA1
24376c70b00152501b3d98df61fa7db435339172

SHA256
10b13d894f36d4391fcc31313a244d5f6cd89c8e8c03347282e281c4af13c0a6

SHA512
96547eff6779251a5c4941e812ec56ed273e9270265005723e1f2864688b04f3b852a90145fba4ea0ddf1e02b39d99e33d28f761b07a04d46e0e4257d8909ff9

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/com.android.launcher3.prefs.xml

Filesize
128B

MD5
20837fd8daf2a2de8d6c4ccd8e90653a

SHA1
7ac08617bd4585151c239325aea243d9eca586f7

SHA256
e05f0ae0ee70ef2efac07e999da273b5f506462b67549f9080f6cdf469d70cec

SHA512
a4fd7ac1ce847a84fe4f47c2e7079f00b16b86213fe840b70e3a55992a043da99ca6fe1c9a723e709e2ee3985ed3b7c5a299d1cf5b29e8228f3f81d3cbb6876a

Download Submit
/data/user/0/com.slhytrowb.wfxaicaiw/shared_prefs/multidex.version.xml

Filesize
307B

MD5
60af2530993573e2760cf75c1f8b44c3

SHA1
342a63c3bb4b3859e4c335b1cc2f56d4bd50703e

SHA256
1095e6b2cf055f8af6af8e84481a495517ef68d358bd942611e39348c19dd88c

SHA512
ef76851f3bcbd886e3c973abe8b53014d9a37306608c2f7d946741b62edc40b6d56617f38c9fbff829a79e29d60918cc896261f3dcef1470d4c376fa2c4cf13e

Download Submit